* do _NOT_ touch this from your program !
*/
struct smbc_internal_data * internal;
+
+ int flags;
};
+/* Flags for SMBCCTX->flags */
+#define SMB_CTX_FLAG_USE_KERBEROS (1 << 0)
+#define SMB_CTX_FLAG_FALLBACK_AFTER_KERBEROS (1 << 1)
+#define SMBCCTX_FLAG_NO_AUTO_ANONYMOUS_LOGON (1 << 2) /* don't try to do automatic anon login */
/**@ingroup misc
* Create a new SBMCCTX (a context).
if (ret){
SAFE_FREE(principal);
DEBUG(0, ("Kinit failed: %s\n", error_message(ret)));
+ if (cli->fallback_after_kerberos)
+ goto ntlmssp;
return ADS_ERROR_KRB5(ret);
}
}
rc = cli_session_setup_kerberos(cli, principal, domain);
- SAFE_FREE(principal);
- return rc;
+ if (ADS_ERR_OK(rc) || !cli->fallback_after_kerberos) {
+ SAFE_FREE(principal);
+ return rc;
+ }
}
#endif
return NULL;
}
+ if (context->flags & SMB_CTX_FLAG_USE_KERBEROS) {
+ c.use_kerberos = True;
+ }
+ if (context->flags & SMB_CTX_FLAG_FALLBACK_AFTER_KERBEROS) {
+ c.fallback_after_kerberos = True;
+ }
+
c.timeout = context->timeout;
/* Force use of port 139 for first try, so browse lists can work */
password, strlen(password),
password, strlen(password),
workgroup) &&
- /* try an anonymous login if it failed */
- !cli_session_setup(&c, "", "", 1,"", 0, workgroup)) {
+ /* Try an anonymous login if it failed and this was allowed by flags. */
+ ((context->flags & SMBCCTX_FLAG_NO_AUTO_ANONYMOUS_LOGON) ||
+ !cli_session_setup(&c, "", "", 1,"", 0, workgroup))) {
cli_shutdown(&c);
errno = EPERM;
return NULL;